Skip to content

Product Roadmap

Last updated: June 2026 (revised — messaging bugfixes, notification clear-all, clean deploy, Firebase removal, stale file cleanup)

Current Status: Version 1.0 — Full Platform Live

All three core stages plus payments, coaching ecosystem, and admin tooling are implemented and functional.

Stage 1 — Discover ✅

  • 45-question psychometric assessment with adaptive ordering
  • 13-phase personalised report (rule-based insight panels — no AI calls)
  • PDF export, print support
  • "How to Read" guide modal
  • 6-month retake cooldown (enforced in StartHerePage.tsx)
  • Post-report feedback widget (rating + note, saved to reportFeedback/{uid})

Stage 2 — Design ✅

  • Future Studio — 6-step wizard (requires Discovery + Explorer plan)
  • Guided Ikigai builder (4 quadrant cards, archetype suggestions, statement builder)
  • Vision → Mission → SMART Goals chain-of-derivation flow
  • Life Path Simulator (Acceleration / Mastery / Contribution)
  • Strategic Audit (SWOT + habits + capability gap)

Stage 3 — Do ✅

  • Growth Loop — habit tracking, weekly reflections, monthly reviews (requires Discovery + Life Design + Explorer plan)
  • 30 / 60 / 90 day review cycles
  • Per-habit progress rating and mastery tracking
  • Trend indicator

Payments ✅

  • Stripe Checkout via VPS Express (/api/stripe/create-checkout-session)
  • Explorer plan: RM 99/year recurring subscription with planExpiresAt gate
  • Coach plan: RM 599 (year 1) → RM 199/year (renewal) via Stripe Subscription Schedule
  • Annual renewal extension via invoice.payment_succeeded webhook
  • Subscription cancellation handling via customer.subscription.deleted webhook (plan reverted, coachAppStatus cleared, coaches doc deactivated)
  • Promo codes: free-access, percent-off, fixed-off (admin-managed)
  • Agent referral commission pipeline?ref=AGENTCODE captured in sessionStorage → passed in checkout metadata → posted to agents-service on checkout.session.completed via POST http://127.0.0.1:5003/api/agents/internal/record-commission. Live-tested and confirmed: RM29.85 first sale at 15% Starter, repeat-customer bonus (+5%) working, idempotency on duplicate sessionId confirmed, wrong key returns 401 ✅
  • Bug fixed (April 2026): userData was used before declaration in stripe.js — coach checkouts would crash with ReferenceError. Moved userData lookup to run before the plan === 'coach' guard.
  • planExpiresAt expiry gate on all paid features
  • Admin complimentary accessplan: 'explorer' with no planExpiresAt = permanent free full access (admin-granted, no Stripe needed)
  • hasPaidAccess fix — admin-granted explorer plans (no planExpiresAt) now correctly return true

Coaching & Community ✅

  • Certified coach directory + application workflow
  • Full 5-step coach onboarding with payment gate: apply → admin pre-approve → Stripe payment → payment_received state → admin activation ✅
  • coachAppStatus field on UserProfile ('approved_pending_payment' | 'payment_received') for clean gate state management
  • CoachPortal payment gate screens (payment form, payment confirmed, activating fallback)
  • Annual renewal reminder banner in CoachPortal (amber ≤30 days, red if overdue)
  • Coach portal with full client roster and archetype/goal visibility
  • Coach referral system with unique per-coach referral links
  • handleGrantCoachAccess fixed — now also creates/reactivates coaches doc via upsertCoachFromUser + refreshes Active Coaches state ✅
  • handleRevokeCoachAccess fixed — now also deactivates coaches doc via deactivateCoach + filters coaches state ✅
  • Team reports
  • Workshops
  • Read-only share link for mentors/parents

Admin ✅

  • 10-tab AdminDashboard: Overview / Analytics / Engagement / Users / Profiles / Coaches / Workshops / Promo Codes / Feedback / Organisations
  • Admin report viewer (full paid-tier, PDF-exportable)
  • Admin cooldown reset + plan manager
  • Promoting to coach: upsertCoachFromUser + coaches state refresh
  • Demoting from coach: deactivateCoach + coaches state filter
  • Admin complimentary access grant (permanent Explorer, no Stripe required)
  • Feedback analytics tab (rating distribution + written notes)
  • Coach applications — full lifecycle: Pre-Approve, Reject, Delete, Activate (only on payment_received)

Organisation Management ✅ (data layer) / 🔲 (UI)

  • Organisation data model — inviteCode, coachIds, plan, planExpiresAt, seatLimit
  • activateOrgPlan / deactivateOrgPlan — batch-updates all member plan fields
  • Org subscription covers all members (denormalized plan: 'explorer' on each member user doc)
  • Members join via /register?org=INVITE_CODEorgId + orgRole: 'member' auto-set
  • Pending: Org Admin dashboard UI, invite link UI in AdminDashboard, auto-assign on join

Access Control & Docs (April 2026)

  • Access gate refactor — canAccessWellnessProfile and canAccessFinancialPlan now self-contained (include hasPaidAccess check internally)
  • Pricing.tsx free plan copy corrected to accurately describe Phase 1 access only
  • docs/access-control.md created — single source of truth for all 3 access tiers, gate functions, org rules, and Explorer grant paths
  • docs/architect-analysis-prompt.md rewritten — includes mandatory doc-reading table, correct MongoDB/VPS references, current gate signatures, compatibilityEngine.ts, rateLimiter.js, /compare route

Compatibility Engine (April 2026)

  • compatibilityEngine.ts extended with 4 new output sections: dosList, dontsList, approachGuide, traitsToWatchOut, conflictFlashpoints
  • 37-change plain-language rewrite of all compatibility output text

Rate Limiter (April 2026)

  • middleware/rateLimiter.js created — per-user userLimiter (120 req/min keyed on req.user.uid), admin bypass
  • Applied to GET /me and PUT /me in routes/users.js
  • Global IP limiter raised from 300 to 800 req/15 min

Self Mastery (April 2026) — menu name: Self Mastery, file: SelfMasteryPage.tsx

  • SelfMasteryPage.tsx (prev. SelfInquiryPage.tsx) — 5-phase structured self-coaching module (Data → Reactions → Patterns → Reality → Action)
  • Gated by canAccessSelfInquiry (Discovery completed + Explorer/Coach plan)
  • AI-guided at every phase via AiGuide component; prompt builders in selfInquiryService.ts
  • Session persistence: saveSelfInquirySession() writes to selfInquirySessions[] on user doc via PUT /api/users/me
  • Past sessions injected into AI context for continuity across future sessions
  • /self-inquiry route added to App.tsx; nav entry added to Layout.tsx

People Blueprint (April 2026) — menu name: People Blueprint, file: PeopleBlueprintPage.tsx

  • PeopleBlueprintPage.tsx (prev. CorporatePage.tsx) — workplace relationship mapper with per-relationship compatibility guides
  • Gated by canAccessCorporate (Discovery + Life Design completed + Explorer/Coach plan)
  • Users add manager / peer / subordinate relationships by archetype; computeCorporateGuide() produces scores + playbooks
  • computeTeamIntelligence() produces team-wide cohesion score and archetype spread
  • AI team coach via AiGuide with buildTeamCoachSystemPrompt() context-aware to the full org chart
  • saveCorporateData() writes to corporateRelationships[] on user doc via PUT /api/users/me
  • /corporate route added to App.tsx; nav entry added to Layout.tsx
  • canAccessCorporate and canAccessSelfInquiry gate functions added to journeyGates.ts
  • All documentation updated: docs/access-control.md, docs/architecture.md, docs/features.md, docs/user-journey.md, docs/architect-analysis-prompt.md

File Naming Alignment (April 2026 — first pass)

All 7 page files renamed to match their menu display names exactly to eliminate confusion during development:

  • QuestionnairePage.tsxDiscoveryPage.tsx
  • LifeDesign.tsxLifeDesignPage.tsx
  • WellnessProfile.tsxWellnessPage.tsx
  • FinancialPlan.tsxFinancialPage.tsx
  • SelfInquiryPage.tsxSelfMasteryPage.tsx
  • CorporatePage.tsxPeopleBlueprintPage.tsx
  • ProfileCompare.tsxRelationshipLensPage.tsx

Imports in App.tsx, route JSX, and internal export default function names all updated in lockstep. Sub-folder step components (lifeDesign/, financialPlan/, wellnessProfile/, growthLoop/) are NOT affected.

File Naming Alignment (April 2026 — second pass, plain-language labels)

All 6 remaining page files renamed to match updated plain-language navigation labels:

  • DiscoveryPage.tsxStartHerePage.tsx
  • LifeDesignPage.tsxDesignMyLifePage.tsx
  • GrowthLoop.tsxDailyGrowthPage.tsx
  • WellnessPage.tsxMindBodyPage.tsx
  • FinancialPage.tsxMoneyPlanPage.tsx
  • Report.tsxMyReportPage.tsx

Imports in App.tsx, route JSX, and internal export default function names all updated in lockstep. Sub-folder step components unchanged.

Messaging & Notifications (June 2026)

  • Conversations stored with string UUID _id (via randomUUID()) instead of MongoDB ObjectId — fixes all server-side findOne lookups
  • toDbId() helper added to conversations.js for backward compatibility with any existing ObjectId docs
  • getOrCreateConversation() now awaited before creating coaching notifications — eliminates dead /messages links
  • Notifications for coaching events embed ?conv=<uuid> for direct deep-link to the conversation thread
  • Messages.tsx auto-selects the first conversation when no ?conv= URL param is present
  • DELETE /api/notifications endpoint added — clears all notifications for the authenticated user
  • "Clear all" button added to both notification panels in Layout.tsx (sidebar + top bar dropdown)

Clean Frontend Deploy (June 2026)

  • VPS was accumulating old Vite-hashed build assets (8,847 files); rm -rf /opt/personality-app/public/assets now run before each SCP upload
  • c:\My Apps\hostinger\deploy-personality.ps1 created — builds, clears remote assets, then uploads fresh build in one command
  • docs/deployment.md updated with manual steps and script reference

Layout & Sidebar UX (June 2026)

  • Desktop top header hidden on authenticated inner pages (avoids double navigation chrome)
  • Sidebar collapsible on inner pages (Report, Wellness, LifeDesign, Financial)
  • Notification dropdown uses fixed positioning to prevent overflow/bleed on inner pages with collapsible sidebar

Firebase Removal & Codebase Cleanup (June 2026)

  • Firebase SDK, firebase-admin, and all VITE_FIREBASE_* env vars completely removed
  • Stale VPS files deleted: firebase.js, orphaned agents.js route, one-off data scripts (checkorgs.js, checkuser.js, deletedup.js etc.)
  • Stale local files deleted: SelfInquiryPage.tsx, workshops-sharelinks-feedback.js, careerPaths.json.bak, empty server/src/models/
  • Architecture doc corrected: removed phantom /api/compare route entry, fixed selfInquiry.sessions path, removed firebase.js entry from server structure

Architectural Decisions

  • VPS JWT Auth: Auth is handled entirely by the VPS (/api/auth/* endpoints issuing 30-day JWTs). Firebase has been completely removed. All data is stored in MongoDB on the VPS.
  • React 19 + Vite 6: High-performance frontend with fast HMR.
  • Tailwind CSS 4: Utility-first styling, consistent design system.
  • Modular Scoring: Scoring logic (scoring.ts) is fully decoupled from UI — safe to test independently and portable to future API or mobile integrations.
  • Data-Driven Content: All report and card content is driven from JSON data files — no hardcoded copy in components.
  • 6-Month Assessment Cooldown: Prevents score drift from mood-based retaking. Uses existing createdAt timestamp — no new DB fields required.
  • Rule-Based Insight Panels: The 4 insight panels (self / direction / decision / evolution) in the report are fully deterministic from framework.json — no AI calls. Same archetype combination always produces the same output.
  • Stripe via VPS: Payment credentials never touch the client. Webhook signature verification on the VPS Express server prevents spoofed plan upgrades.

Known Architecture Items (Not Yet Addressed)

  • Three simultaneous onSnapshot Firestore listeners (Layout + ProtectedRoute + DailyGrowthPage) — could be centralised to a React Context to reduce redundant reads.Fixed March 2026UserProfileProvider created in src/contexts/UserProfileContext.tsx, mounted in main.tsx. Now polls GET /api/users/me every 30 seconds. Layout, ProtectedRoute, and DailyGrowthPage all consume useUserProfile() instead of owning their own listeners.
  • LifeDesignPage.tsx and GrowthLoop.tsx are 1000+ line monoliths — candidates for step-component decomposition.Fixed March 2026 — Both files decomposed into focused child components. DesignMyLifePage.tsx (~500 lines) now delegates to src/pages/lifeDesign/ (AssessmentStep, FuturePathStep, GuidedIkigaiStep, LifeBlueprintStep, StrategicAuditStep + shared LifeDesignTypes). DailyGrowthPage.tsx (~330 lines) delegates to src/pages/growthLoop/ (OverviewTab, WeeklyReflectionTab, HabitTrackerTab, CycleReviewsTab + GrowthLoopTypes).
  • Journey gate logic lives in both ProtectedRoute.tsx and Layout.tsx — could be centralised.Fixed March 2026 — gate conditions extracted to src/utils/journeyGates.ts. Both files now import canAccessFutureStudio() and canAccessGrowthLoop() from there.
  • canAccessWellnessProfile and canAccessFinancialPlan required callers to add separate hasPaidAccess check.Fixed April 2026 — both gate functions now include && hasPaidAccess(profile) internally. Layout.tsx redundant checks removed.
  • Rate limiter gap: high-frequency API abuse possible on authenticated endpoints.Fixed April 2026middleware/rateLimiter.js created with per-user userLimiter (120 req/min keyed on req.user.uid). Applied to GET /me and PUT /me in users.js. Global IP limiter raised to 800 req/15 min.